NSA to Begin Mass Interception of VOIP Calls

A shadowy U.S. company today announced they have debuted a new technology for the NSA that can intercept VoIP telephone calls. I like the
Bond-villainesque quote by the CEO ...

“It’s no longer a matter of ‘if’ this technology works, but a matter of ‘when’ it will be implemented. Several countries worldwide,
including the US, are now requesting VSPs (Voice Service Providers) to provide LI access to qualified law agencies. It is only a matter of time when
it will become mandatory for all VSPs.”

It really depends on what VOIP provider you're using and what level of encryption they implement.. or if they maintain the keys to decrypt those
connections.. if they hold the keys then the NSA would still need to cooperate with them to decrypt the transmissions .. an end to end voip call using
AES256 encryption and a strong key, I'm sorry, still seems pretty damned impossible for someone to crack.. even with a massive super computer a strong
key would take millions of years to break.. ( for just one call ) .. imagine trying to do that on a huge scale ..

So this would either...

A) Have to involve VOIP provider's cooperation, much like they had to have coop from telcos to do mass wiretapping
B) They can only monitor non-encrypted voip transmissions, as if that would be difficult to do

C) They cracked AES256 and can pop it in no time.. very unlikely, very very unlikely.
D) They built themselves a working quantum super computer that can pull it off.. not likely either

With that said... I'm going to say I doubt this has much validity to it ..the resources to pop into even a single encrypted voip call without the voip
provider's cooperation ( assuming they keep keys, which I don't think most do ) would be immensely resource intensive.. I mean hugely so... can anyone
back the source?

And no I'm not a crypto expert but I work in IT and I'm a software engineer with a love of encryption technology.. I've written my own algorithms just
for fun =) .. There's a reason Julian Assange chose to encrypt wikileaks data in AES256 which is one of the defacto standards of encryption because of
it's so far unbreakable nature.

Just as an added note .. I've read cases where the FBI have confiscated an encrypted drive and spent multiple years trying to decrypt the content
which eventually led to them having to release the person in custody.. he refused to provide the passwords, they exhausted all efforts to obtain the
data and couldn't detain him any longer.. sure they kept the equipment.. but they spent multiple years trying to crack into it .. the same would be
true of an encrypted voip transmission..

The way this usually works though, the voip provider would NOT have the key.. usually a key is randomly generated on the client side and end to end
encryption is established.. meaning not even the voip provider itself can monitor this call . however .. not all providers do this I'm sure.. that's
why I say it depends... if there is end to end encryption with randomly generated keys.. I seriously doubt even the NSA has the power to break it
unless they manage to slip every computer in the world a virus that allows them to monitor the decrypted outputs on each end.

Sounds pretty ominous doesn't it? .. only this groundbreaking attack is only slightly faster than brute force which on a password containing 14
characters with mixed characters ( including non alpha numeric ) would take many lifetimes to crack even with super computers.

“This research is groundbreaking because it is the first method of breaking single-key AES that is (slightly) faster than brute force,” Nate
Lawson, a cryptographer and the principal of security consultancy Root Labs, wrote in an email. “However, it doesn't compromise AES in any practical
way.”

And any reputable provider would be using AES I'm sure.,, the point I'm making is this is for cracking one ... cracking many thousands at once? .. not
likely

You can explain the reasons why such things are not the way they are portrayed but then the subject fizzles into nothingness, and it won't matter. It
always starts off with an emotive claim about personal rights, like tapping your voip, and catches a few spot fires of discussions, then fizzles out
anyway as it's not what was being brought to the topic.

Maybe I'm being overly optimistic given the ISP I'm with. They're well known for protecting their customers privacy.

I use a free internet service to make VIOP calls to cell phones and land lines. Since this is a free service, one might think they would more easily
be in the feds back pocket as they can more easily be shut down.

I'm not worried about it. Anything I have to say to anyone that's important enough to be alarming to the Government is going to be said in code to
the person I'm speaking to. Much like the code in half of my messages on ATS no one knows about. That's the best encryption because there are no
keys stored anywhere, on any computer system.

With VIOP the threat is not what they can get from your computer or the service's computer, it's the content they can tap into over the radio
frequencies or the phone line.

Practice setting up code words with your friends and family just in case you ever need them.. Korea is threatening to nuke the US again.. you never
know.. Red Dawn may be tomorrow.

Well, basically the thing's an enshrined man-in-the-middle system. They intend for VOIP to be brought under CALEA, or whatever CALEA-esque system
pertains in the particular country, and in order to use Skype, Vonage et al you'll have to relay that connection through the ISPs 'relay server',
which has access to the unencrypted data.

However, as far as the other goes, we were told by an NSA wonk at a fairly exclusive meeting at Redstone years ago that they'd solved the issue with
real-time decryption of prime number factoring systems like AES. I know that the IEEE were making strides on that and were told by the NSA to stop
working on it, that back in the early 80's. It was a stink back then, but they dropped further publication on it. A decade later, NSA suddenly dropped
all objections to encrypted phone calls made using prime number encryption, this was right after the Clipper chip was shown to be vulnerable to simple
attacks and was dropped.

At the meeting, that came up, someone asked why the Clipper chip had died with no replacement since it had been a big bone of contention for NSA, and
the guy said 'key escrow systems are no longer necessary as encryption of this type is no longer an issue for us' quote unquote. It hit the trade rags
briefly, the guy never came back again (alas), I assume he was moved on to other work.

Well, basically the thing's an enshrined man-in-the-middle system. They intend for VOIP to be brought under CALEA, or whatever CALEA-esque system
pertains in the particular country, and in order to use Skype, Vonage et al you'll have to relay that connection through the ISPs 'relay server',
which has access to the unencrypted data.

However, as far as the other goes, we were told by an NSA wonk at a fairly exclusive meeting at Redstone years ago that they'd solved the issue with
real-time decryption of prime number factoring systems like AES. I know that the IEEE were making strides on that and were told by the NSA to stop
working on it, that back in the early 80's. It was a stink back then, but they dropped further publication on it. A decade later, NSA suddenly
dropped all objections to encrypted phone calls made using prime number encryption, this was right after the Clipper chip was shown to be vulnerable
to simple attacks and was dropped.

At the meeting, that came up, someone asked why the Clipper chip had died with no replacement since it had been a big bone of contention for NSA, and
the guy said 'key escrow systems are no longer necessary as encryption of this type is no longer an issue for us' quote unquote. It hit the trade
rags briefly, the guy never came back again (alas), I assume he was moved on to other work.

edit on 8-3-2013 by Bedlam because: (no reason
given)

Hey Bedlam, much respect to you sir for all the incredibly interesting info you've contributed to this board over the years but sometimes you might
as well be speaking tongues. This is one of those times. Can you explain all that in English please? It sounds very very interesting but all the
schmucks like me can only understant half of it.
Thanks

Originally posted by PlausibleDeniability
Hey Bedlam, much respect to you sir for all the incredibly interesting info you've contributed to this board over the years but sometimes you might
as well be speaking tongues. This is one of those times. Can you explain all that in English please? It sounds very very interesting but all the
schmucks like me can only understant half of it.
Thanks

Hmm. Where to start.

The OP's article describes a system where your local ISP has a program running on one of its servers. When you make a Skype, vonage etc VOIP call,
instead of going to the end user directly as Skype does, you'll actually be routed through the ISP. The ISP's server will receive your call, and
place an outgoing call to your recipient. Thus, the ISP's server will have access to the decrypted call data. This general type of interception is
called a "man in the middle" attack, for obvious reasons, only in this case instead of being a one-off thing is going to be enshrined in law.

Currently in the US, the group of regulations called CALEA covers intercepting and diverting calls to law enforcement for regular call traffic. Skype
has so far eluded them since it doesn't go through a switched network like the phone system. However, they're apparently about to require that VOIP
traffic be brought under CALEA, or whatever the other country of your choice calls it. I know the UK has a version of it as well. This program would
give them the ability to do this.

Another poster stated that AES encryption, which uses prime number factoring, was likely unbreakable. At a time in the past, the NSA was very freaked
out over the use of phones on the public telephone system that were scrambled using various forms of prime number encryption. To the point that laws
were being passed that required any encrypted phone traffic to use a system called Clipper, which was a key-escrow system. Basically, you could have a
scrambled phone if and only if you used the NSA's encryption method, and only if you had given them the decryption key ahead of time. They promised
not to peek without a court order, but hey, it's the NSA.

At any rate, shortly after Clipper came out, someone found a big hole in the algorithm and hacked it. It was a big hairy deal for a month or so, then
suddenly the NSA said 'we don't care anymore la la la', and Clipper died a gruesome and immediate death.

At a meeting at Redstone that was for something else entirely, this came up, not long after Clipper was a dead issue. The NSA wonk that was doing the
death-by-powerpoint for the meeting said "key escrow systems are no longer necessary as encryption of this type is no longer an issue for us", and
I'm pretty sure that's close to an exact quote although it's been years. That hit the trade rags, and no one paid attention. I don't know another
way to interpret that comment, though, than that AES et al are breakable in real time.

Thank you Bedlam, very interesting info. So it sounds like your saying the NSA has found a way to break AES encryption, which by all accounts is close
enough to being impossible to break that it might as well be just that.

How is this possible? I've read things about some sort of quantum computers of some sort that are able to do all their calculations in a different
universe of sorts so that even the longest and most complicated of problems would be solved near instantaneously. It took a million years in whatever
universe the computer did its calculations in but to us it seems like only a second. Do you think this kind of tech is even close to being possible?
Sounds like SciFi to me but I would not be surprised if our unlimited black budget found a way...

I just enlisted in the army in a mos that deals with a lot of this kind of thing so its all become that much more interesting to me.

Originally posted by PlausibleDeniability
Thank you Bedlam, very interesting info. So it sounds like your saying the NSA has found a way to break AES encryption, which by all accounts is close
enough to being impossible to break that it might as well be just that.

How is this possible?

I'm a crypto user, not a crypto expert. However, in the late 70s, early 80s when RSA came out, IEEE started picking it apart, and some guys were doing
some really interesting work with number theory, when the government dropped a letter to them demanding they stop publishing any further research on
the matter, which they did, and it caused a stink at the time. So I can imagine but not prove that they were onto something, or the government thought
so.

Do you think this kind of tech is even close to being possible? Sounds like SciFi to me but I would not be surprised if our unlimited black budget
found a way...

I just enlisted in the army in a mos that deals with a lot of this kind of thing so its all become that much more interesting to me.

The government loves quantum computing and quantum dot logic.

eta: congrats, had a comm MOS that had us doing the occasional ELINT/SIGINT job.

This content community relies on user-generated content from our member contributors. The opinions of our members are not those of site ownership who maintains strict editorial agnosticism and simply provides a collaborative venue for free expression.